Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
A requirement in some security-critical applications is This support can be obtained from senior program-
to design an access control system to protect the con- mers, from book or from websites. Before building the
fidential data stored in the storage nodes or contents system the above consideration r taken into account
of the confidential messages routed through the net- for developing the proposed system.BE comes in two
work. As an example, in a battlefield DTN, a storage flavors called key-policy ABE (KP-ABE) and ciphertext-
node may have some confidential information which policy ABE (CP-ABE). In KP-ABE, the encryptor only
should be accessed only by a member of„Battalion 6 gets to label a ciphertext with a set of attributes. The
or a participant in „Mission 3. Several current solutions key authority chooses a policy for each user that de-
follow the traditional cryptographic-based approach termines which ciphertexts he can decrypt and issues
where the contents are encrypted before being stored the key to each user by embedding the policy into the
in storage nodes, and the decryption keys are distrib- users key.
uted only to authorized users. In such approaches, flex-
ibility and granularity of content access control relies However, the roles of the ciphertexts and keys are re-
heavily on the underlying cryptographic primitives be- versed in CP-ABE. In CP-ABE, the ciphertext is encrypted
ing used. It is hard to balance between the complexity with an access policy chosen by an encryptor, but a key
of key management and the granularity of access con- is simply created with respect to an attributes set. CP-
trol using any solutions that are based on the conven- ABE is more appropriate to DTNs than KP-ABE because
tional pair wise key or group key primitives. Thus, we it enables encryptors such as a commander to choose
still need to design a scalable solution that can provide an access policy on attributes and to encrypt confiden-
fine-grain access control. That is a DTN architecture tial data under the access structure via encrypting with
where multiple authorities issue and manage their own the corresponding public keys or attributes.
attribute keys independently as a decentralized DTN.
System Design: i. Existing System:
In this paper, we describe a CP-ABE based encryption
scheme that provides fine-grained access control. In a The idea of Attribute based encryption (ABE) is a guar-
CP-ABE scheme, each user is associated with a set of anteeing approach that satisfies the prerequisites for
attributes based on which the users private key is gen- secure information recovery in DTNs. ABE characteris-
erated. Contents are encrypted under an access policy tics a system that empowers a right to gain entrance
such that only those users whose attributes match the control over scrambled information utilizing access
access policy are able to decrypt. Our scheme can pro- approaches and credited qualities among private keys
vide not only fine-grained access control to each con- and ciphertexts. The issue of applying the ABE to DTNs
tent object but also more sophisticated access control presents a few security and protection challenges.
antics. Ciphertext-policy attribute-based encryption Since a few clients may change their related qualities
(CP-ABE) is a guaranteeing cryptographic answer for sooner or later (for instance, moving their district), or
the right to gain entrance control issues. In any case, some private keys may be traded off, key repudiation
the issue of applying CP-ABE in decentralized DTNs (or redesign) for each one characteristic is fundamen-
presents a few securities and protection challenges as tal keeping in mind the end goal to make frameworks
to the property disavowal, key escrow, and coordina- secure.
tion of characteristics issued from distinctive powers.
This infers that renouncement of any property or any
Literature Survey: single client in a characteristic gathering would influ-
ence alternate clients in the gathering. Case inpoint,
Literature survey is the most important step in soft- if a client joins or leaves a trait assemble, the related
ware development process. Before developing the tool characteristic key ought to be changed and redistrib-
it is necessary to determine the time factor, economy n uted to the various parts in the same gathering for ret-
company strength. Once these things r satisfied, then rograde or forward mystery. It may bring about bot-
next steps is to determine which operating system and tleneck amid rekeying method or security corruption
language can be used for developing the tool. Once because of the windows of powerlessness if the past
the programmers start building the tool the program- characteristic key is not overhauled quickly.
mers need lot of external support.
i.i.Limitation of existing system: Thus, users are not required to fully trust the authori-
ties in order to protect their data to be shared. The
i)The issue of applying the ABE to DTNs presents a few data confidentiality and privacy can be cryptographi-
security and protection challenges. Since a few clients cally enforced against any curious key authorities or
may change their related properties sooner or later data storage nodes in the proposed scheme.
(for instance, moving their area), or some private keys
may be bargained, key renouncement (or upgrade) for ii.iAdvantages:
each one trait is fundamental with a specific end goal
to make frameworks secure. i)Data confidentiality: Unauthorized users who do not
have enough credentials satisfying the access policy
ii)However, this issue is significantly more trouble- should be deterred from accessing the plain data in the
some, particularly in ABE frameworks, since each one storage node. In addition, unauthorized access from
characteristic is possibly imparted by different clients the storage node or key authorities should be also pre-
(hereafter, we allude to such a gathering of clients as a vented.
quality gathering)
ii)Collusion-resistance: If multiple users collude, they
iii)Another test is the key escrow issue. In CP-ABE, the may be able to decrypt a ciphertext by combining their
key power creates private keys of clients by applying attributes even if each of the users cannot decrypt the
the power’s expert mystery keys to clients’ related set ciphertext alone.
of properties.
iii)Backward and forward Secrecy:
iv)The last test is the coordination of traits issued from
distinctive powers. At the point when various powers In the context of ABE, backward secrecy means that
oversee and issue ascribes keys to clients freely with any user who comes to hold an attribute (that satisfies
their expert mysteries, it is tricky to characterize fine- the access policy) should be prevented from accessing
grained access arrangements over traits issued from the plaintext of the previous data exchanged before
distinctive powers. he holds the attribute.
ii. Proposed System: On the other hand, forward secrecy means that any
user who drops an attribute should be prevented from
In this paper, we propose an attribute-based secure accessing the plaintext of the subsequent data ex-
data retrieval scheme using CP-ABE for decentralized changed after he drops the attribute, unless the other
DTNs. The proposed scheme features the following valid attributes that he is holding satisfy the access
achievements. First, immediate attribute revocation policy.
enhances backward/forward secrecy of confidential
data by reducing the windows of vulnerability. Second, ii.ii.Challenges:
encryptors can define a fine-grained access policy us-
ing any monotone access structure under attributes is- The problem of applying CP-ABE in decentralized dis-
sued from any chosen set of authorities. Third, the key ruption tolerant networks introduces several security
escrow problem is resolved by an escrow-free key issu- and privacy challenges with regard to the attribute re-
ing protocol that exploits the characteristic of the de- vocation, key escrow, and coordination of attributes
centralized DTN architecture. The key issuing protocol issued from different authorities.
generates and issues user secret keys by performing a
secure two-party computation (2PC) protocol among System Architecture:
the key authorities with their own master secrets. The
2PC protocol deters the key authorities from obtaining In this section, we describe the DTN architecture and
any master secret information of each other such that define the security model.
none of them could generate the whole set of user
keys alone.
4)Users:
Sender:
Explain that now; the policy checking happens “in- Description : IV.ii.i. Key
side the crypto”. That is, nobody explicitly evaluates
the policies and makes an access decision. Instead, if Authorities:
the policy is satisfied, decryption will just work, other-
wise it wont. They are key generation centers that generate public/
secret parameters for CP-ABE. The key authorities con-
sist of a central authority and multiple local authorities.
We assume that there are secure and reliable commu-
nication channels between a central authority and each
local authority during the initial key setup and genera-
tion phase.
[1]J. Burgess, B. Gallagher, D. Jensen, and B. N. Levine, [13]J. Bethencourt, A. Sahai, and B. Waters, “Cipher-
“Maxprop: Routing for vehicle-based disruption toler- text-policy attributebased encryption,” in Proc. IEEE
ant networks,” in Proc. IEEE INFOCOM, 2006, pp. 1–11. Symp. Security Privacy, 2007, pp.321–334.
[2]M. Chuah and P. Yang, “Node density-based adap- [14]R. Ostrovsky, A. Sahai, and B. Waters, “Attribute-
tive routing scheme for disruption tolerant networks,” based encryption with non-monotonic access struc-
in Proc. IEEE MILCOM, 2006, pp.1–6. tures,” in Proc. ACM Conf. Comput. Commun. Security,
2007, pp. 195–203.
[3]M. M. B. Tariq, M. Ammar, and E. Zequra, “Mesage
ferry route design for sparse ad hoc networks with mo- [15]S. Yu, C. Wang, K. Ren, and W. Lou, “Attribute
bile nodes,” in Proc. ACM MobiHoc, 2006, pp. 37–48. based data sharing with attribute revocation,” in Proc.
ASIACCS, 2010, pp. 261–270.
[4]S. Roy andM. Chuah, “Secure data retrieval based on
ciphertext policy attribute-based encryption (CP-ABE) [16]A. Boldyreva, V. Goyal, and V. Kumar, “Identity-
system for the DTNs,” Lehigh CSE Tech. Rep., 2009. based encryption with efficient revocation,” in Proc.
ACM Conf. Comput. Commun. Security, 2008, pp. 417–
[5]M. Chuah and P. Yang, “Performance evaluation 426.
of content-based information retrieval schemes for
DTNs,” in Proc. IEEE MILCOM, 2007, pp. 1–7. [17]M. Pirretti, P. Traynor, P. McDaniel, and B.Waters,
“Secure attributebased systems,” in Proc. ACMConf.
[6]M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, Comput. Commun. Security, 2006, pp. 99–112.
and K. Fu, “Plutus: Scalable secure file sharing on un-
trusted storage,” in Proc.Conf. File Storage Technol.,
2003, pp. 29–42.
[18]S. Rafaeli and D. Hutchison, “A survey of key man- [27]M. Belenkiy, M. Chase, M. Kohlweiss, and A. Lysyan-
agement for secure group communication,” Comput. skaya, “P-signatures and noninteractive anonymous
Surv., vol. 35, no. 3, pp. 309–329, 2003. credentials,” in Proc. TCC, 2008, LNCS 4948, pp. 356–
374.
[19]S. Mittra, “Iolus: A framework for scalable secure
multicasting,” in Proc. ACM SIGCOMM, 1997, pp. 277– [28]M. Belenkiy, J. Camenisch, M. Chase, M. Kohlweiss,
288. A. Hysyanskaya, and H. Shacham, “Randomizable
proofs and delegatable anonymous credentials,” in
[20]P. Golle, J. Staddon, M. Gagne, and P. Rasmussen, Proc. Crypto, LNCS 5677, pp. 108–125.
“A content-driven access control system,” in Proc.
Symp. Identity Trust Internet, 2008, pp. 26–35. [29]D. Naor, M. Naor, and J. Lotspiech, “Revo-
cation and tracing schemes for stateless receivers,” in
[21]L. Cheung and C. Newport, “Provably secure cipher- Proc. CRYPTO, 2001, LNCS 2139, pp. 41–62.
text policy ABE,” in Proc. ACM Conf. Comput. Commun.
Security, 2007, pp. 456– 465. [30]C. K.Wong,M. Gouda, and S. S. Lam, “Secure group
communications using key graphs,” in Proc. ACM SIG-
[22]V.Goyal, A. Jain,O. Pandey, andA. Sahai, “Bound- COMM, 1998, pp. 68–79.
ed ciphertext policy attribute-based encryption,” in
Proc. ICALP, 2008, pp. 579– 591. [31]A. T. Sherman and D. A. McGrew, “Key establish-
ment in large dynamic groups using one-way function
[23]X. Liang, Z. Cao, H. Lin, and D. Xing, “Provably trees,” IEEE Trans. Softw. Eng., vol. 29, no. 5, pp. 444–
secure and efficient bounded in Proc. ASIACCS, 458, May 2003.
2009, pp. 343–352.
[32]K. C. Almeroth and M. H. Ammar, “Multicast
[24]M. Chase and S. S. M. Chow, “Improving privacy group behavior in the Internets multicast backbone
and security inmultiauthority attribute-based encryp- (MBone),” IEEE Commun. Mag., vol. 35, no. 6, pp. 124–
tion,” in Proc. ACM Conf. Comput. Commun. Security, 129, Jun. 1997.
2009, pp. 121– 130.
[33]“The Pairing-Based Cryptography Library,” Ac-
[25]M. Chase, “Multi-authority attribute based encryp- cessed Aug. 2010 [Online]. Available: http://crypto.
tion,” in Proc. TCC, 2007, LNCS 4329, pp. 515–534. stanford.edu/pbc/